
Security audit

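Converts the TeX format commonly used for papers to Word format; the core capability is converting math formulas (not as images), tables, figures, and so on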

Security checks across malware telemetry and agentic risk

Overview

This LaTeX-to-Word converter mostly performs the stated conversion, but it adds a fixed company affiliation and Gmail address to every generated document without disclosure or user control.

Review or edit the converter before using it, especially the hard-coded affiliation/email paragraph. Use it only on copies of documents, install dependencies in a virtual environment, and inspect generated DOCX files before sharing, submitting, or publishing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
A converter that silently injects hardcoded author affiliation and email content into every generated document alters user data in a way not disclosed by the skill's stated purpose. This can cause integrity issues, misattribution, privacy concerns, and reputational harm, especially in academic workflows where author metadata must be accurate and user-controlled; the verification script also expands behavior beyond simple conversion by inspecting document contents.

Description-Behavior Mismatch

Medium
Confidence
98% confidence
Finding
The script unconditionally inserts a hard-coded affiliation and email address into every generated document, which changes user content and can misattribute authorship or leak unrelated personal/contact information. In the context of a document-conversion skill, this is especially risky because users expect faithful transformation of their input, not hidden content injection.

VirusTotal

55/55 vendors flagged this skill as clean.
